This Terraform module creates AWS Elastic Load Balancers (Application or Network) along with associated Target Groups and Listeners.
- Supports Application Load Balancer (ALB) and Network Load Balancer (NLB).
- Configurable internal or internet-facing scheme.
- Customizable Target Groups with health checks.
- Defines Listeners with default forwarding actions.
- Support for Access Logs.
- Configurable deletion protection, idle timeout (ALB), and cross-zone load balancing.
- Manages tags consistently across resources.
Note: This module creates target groups but does not manage the registration of targets (EC2 instances, IP addresses, Lambda functions) within those groups. Target registration should be handled separately, typically using the aws_lb_target_group_attachment resource closer to where your compute resources (e.g., EC2 instances, Auto Scaling Groups) are defined.
- Terraform v1.11.0 or later.
- AWS Provider configured with appropriate credentials.
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
name |
The name of the load balancer. | string |
n/a | yes |
vpc_id |
The ID of the VPC in which to create the load balancer. | string |
n/a | yes |
subnet_ids |
A list of subnet IDs to attach to the load balancer. | list(string) |
n/a | yes |
load_balancer_type |
The type of load balancer to create. Options: 'application' or 'network'. | string |
"application" |
no |
internal |
Whether the load balancer is internal or internet-facing. | bool |
false |
no |
security_group_ids |
A list of security group IDs to assign to the ALB (required for ALB, ignored for NLB). | list(string) |
null |
no |
enable_deletion_protection |
Whether to enable deletion protection for the load balancer. | bool |
false |
no |
idle_timeout |
The idle timeout value, in seconds (ALB only). | number |
60 |
no |
ip_address_type |
The type of IP addresses to use ('ipv4' or 'dualstack'). | string |
"ipv4" |
no |
enable_cross_zone_load_balancing |
Whether to enable cross-zone load balancing. | bool |
null |
no |
access_logs |
Access logs configuration object. | object({...}) |
{enabled = false} |
no |
target_groups |
A list of target groups to create with the load balancer. | list(object({...})) |
[] |
no |
listeners |
A list of listeners to create with the load balancer. | list(object({...})) |
[] |
no |
tags |
A map of tags to assign to all resources created by this module. | map(string) |
{} |
no |
[
{
name = string # Suffix for TG name, used as key in listeners
backend_port = number # Target port
backend_protocol = optional(string) # Target protocol (HTTP, HTTPS, TCP, etc.)
target_type = optional(string) # instance, ip, lambda, alb (default: instance)
health_check = optional(object({ # Health check settings
enabled = optional(bool) # Default: true
interval = optional(number) # Default: 30
path = optional(string) # Default: "/"
port = optional(string) # Default: "traffic-port"
protocol = optional(string) # Default: Based on backend_protocol
timeout = optional(number) # Default: 5
healthy_threshold = optional(number) # Default: 3
unhealthy_threshold = optional(number) # Default: 3
matcher = optional(string) # Default: "200-399"
}))
deregistration_delay = optional(number) # Default: 300
attributes = optional(map(string)) # TG attributes (e.g., stickiness)
tags = optional(map(string)) # Additional TG specific tags
}
]The attributes field in target groups can be used to set various load balancer behaviors:
For Application Load Balancers, common attributes include:
stickiness.enabled: Enable/disable session stickinessstickiness.type: The type of stickiness (lb_cookie)stickiness.lb_cookie.duration_seconds: Stickiness cookie durationload_balancing.algorithm.type: Algorithm type (round_robin, least_outstanding_requests)
For Network Load Balancers:
deregistration_delay.timeout_seconds: Deregistration delay timeoutpreserve_client_ip.enabled: Enable/disable client IP preservationproxy_protocol_v2.enabled: Enable/disable proxy protocol v2
[
{
port = number # Listener port
protocol = string # Listener protocol (HTTP, HTTPS, TCP, TLS, UDP, TCP_UDP)
target_group_key = string # The 'name' from target_groups list for default action
ssl_policy = optional(string) # Required for HTTPS/TLS if not using default AWS policy
certificate_arn = optional(string) # Required for HTTPS/TLS
}
]| Name | Description |
|---|---|
lb_id |
The ID of the load balancer. |
lb_arn |
The ARN of the load balancer. |
lb_dns_name |
The DNS name of the load balancer. |
lb_zone_id |
The canonical hosted zone ID of the load balancer (to be used in a Route 53 Alias record). |
target_group_arns |
A map of target group ARNs, with target group names as keys. |
target_group_names |
A map of target group names, with target group names as keys. |
target_group_ids |
A map of target group IDs, with target group names as keys. |
listener_arns |
A map of listener ARNs, with port-protocol combinations as keys. |
listener_ids |
A map of listener IDs, with port-protocol combinations as keys. |
target_groups |
Complete map of target groups with all attributes. |
lb_type |
The type of load balancer that was created. |
module "alb" {
source = "github.com/jhermesn/AWS_ELB_Module.tf"
name = "my-app-alb"
load_balancer_type = "application"
vpc_id = "vpc-12345678"
subnet_ids = ["subnet-1", "subnet-2"]
security_group_ids = ["sg-12345678"]
target_groups = [
{
name = "web"
backend_port = 80
backend_protocol = "HTTP"
health_check = {
path = "/health"
}
}
]
listeners = [
{
port = 80
protocol = "HTTP"
target_group_key = "web"
}
]
tags = {
Environment = "production"
Project = "my-app"
}
}
# Register targets with the ALB target group
resource "aws_lb_target_group_attachment" "web" {
count = length(var.instance_ids)
target_group_arn = module.alb.target_group_arns["web"]
target_id = var.instance_ids[count.index]
port = 80
}This project is licensed under the MIT License.